diff options
Diffstat (limited to 'meta/recipes-graphics/cairo')
9 files changed, 254 insertions, 94 deletions
diff --git a/meta/recipes-graphics/cairo/cairo-fpu.inc b/meta/recipes-graphics/cairo/cairo-fpu.inc deleted file mode 100644 index ef72e8904b..0000000000 --- a/meta/recipes-graphics/cairo/cairo-fpu.inc +++ /dev/null @@ -1,6 +0,0 @@ - -def get_cairo_fpu_setting(bb, d): - if d.getVar('TARGET_FPU', True) in [ 'soft' ]: - return "--disable-some-floating-point" - return "" - diff --git a/meta/recipes-graphics/cairo/cairo.inc b/meta/recipes-graphics/cairo/cairo.inc deleted file mode 100644 index 1e45318dde..0000000000 --- a/meta/recipes-graphics/cairo/cairo.inc +++ /dev/null @@ -1,45 +0,0 @@ -SUMMARY = "The Cairo 2D vector graphics library" -DESCRIPTION = "Cairo is a multi-platform library providing anti-aliased \ -vector-based rendering for multiple target backends. Paths consist \ -of line segments and cubic splines and can be rendered at any width \ -with various join and cap styles. All colors may be specified with \ -optional translucence (opacity/alpha) and combined using the \ -extended Porter/Duff compositing algebra as found in the X Render \ -Extension." -HOMEPAGE = "http://cairographics.org" -BUGTRACKER = "http://bugs.freedesktop.org" -SECTION = "libs" -LICENSE = "MPL-1 & LGPLv2.1 & GPLv3+" -LICENSE_${PN} = "MPL-1 & LGPLv2.1" -LICENSE_${PN}-dev = "MPL-1 & LGPLv2.1" -LICENSE_${PN}-gobject = "MPL-1 & LGPLv2.1" -LICENSE_${PN}-perf-utils = "GPLv3+" -X11DEPENDS = "virtual/libx11 libsm libxrender libxext" -DEPENDS = "libpng fontconfig pixman glib-2.0 zlib" - -PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'directfb', 'directfb', '', d)}" - -PACKAGECONFIG[x11] = "--with-x=yes -enable-xlib,--with-x=no --disable-xlib,${X11DEPENDS}" -PACKAGECONFIG[xcb] = "--enable-xcb,--disable-xcb,libxcb" -PACKAGECONFIG[directfb] = "--enable-directfb=yes,,directfb" -PACKAGECONFIG[valgrind] = "--enable-valgrind=yes,--disable-valgrind,valgrind" -PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl" -PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2" - -#check for TARGET_FPU=soft and inform configure of the result so it can disable some floating points -require cairo-fpu.inc -EXTRA_OECONF += "${@get_cairo_fpu_setting(bb, d)} \ - --enable-tee \ - " - -inherit autotools pkgconfig - -# We don't depend on binutils so we need to disable this -export ac_cv_lib_bfd_bfd_openr="no" -# Ensure we don't depend on LZO -export ac_cv_lib_lzo2_lzo2a_decompress="no" - -BBCLASSEXTEND = "native" - -CFLAGS += "-ffat-lto-objects" diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch new file mode 100644 index 0000000000..4252a5663b --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch @@ -0,0 +1,34 @@ +CVE: CVE-2018-19876 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001 +From: Carlos Garcia Campos <cgarcia@igalia.com> +Date: Mon, 19 Nov 2018 12:33:07 +0100 +Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in + cairo_ft_apply_variations + +Fixes a crash when using freetype >= 2.9 +--- + src/cairo-ft-font.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c +index 325dd61b4..981973f78 100644 +--- a/src/cairo-ft-font.c ++++ b/src/cairo-ft-font.c +@@ -2393,7 +2393,11 @@ skip: + done: + free (coords); + free (current_coords); ++#if HAVE_FT_DONE_MM_VAR ++ FT_Done_MM_Var (face->glyph->library, ft_mm_var); ++#else + free (ft_mm_var); ++#endif + } + } + +-- +2.11.0 + diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch new file mode 100644 index 0000000000..5232cf70c6 --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch @@ -0,0 +1,19 @@ +There is a potential infinite-loop in function _arc_error_normalized(). + +CVE: CVE-2019-6461 +Upstream-Status: Pending +Signed-off-by: Ross Burton <ross.burton@intel.com> + +diff --git a/src/cairo-arc.c b/src/cairo-arc.c +index 390397bae..f9249dbeb 100644 +--- a/src/cairo-arc.c ++++ b/src/cairo-arc.c +@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance) + do { + angle = M_PI / i++; + error = _arc_error_normalized (angle); +- } while (error > tolerance); ++ } while (error > tolerance && error > __DBL_EPSILON__); + + return angle; + } diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch new file mode 100644 index 0000000000..4e4598c5b5 --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch @@ -0,0 +1,20 @@ +There is an assertion in function _cairo_arc_in_direction(). + +CVE: CVE-2019-6462 +Upstream-Status: Pending +Signed-off-by: Ross Burton <ross.burton@intel.com> + +diff --git a/src/cairo-arc.c b/src/cairo-arc.c +index 390397bae..1bde774a4 100644 +--- a/src/cairo-arc.c ++++ b/src/cairo-arc.c +@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, + if (cairo_status (cr)) + return; + +- assert (angle_max >= angle_min); ++ if (angle_max < angle_min) ++ return; + + if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { + angle_max = fmod (angle_max - angle_min, 2 * M_PI); diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch b/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch new file mode 100644 index 0000000000..fb6ce5cfdf --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch @@ -0,0 +1,60 @@ +Fix stack buffer overflow. + +CVE: CVE-2020-35492 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001 +From: Heiko Lewin <heiko.lewin@worldiety.de> +Date: Tue, 15 Dec 2020 16:48:19 +0100 +Subject: [PATCH] Fix mask usage in image-compositor + +--- + src/cairo-image-compositor.c | 8 ++-- + test/Makefile.sources | 1 + + test/bug-image-compositor.c | 39 ++++++++++++++++++++ + test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes + 4 files changed, 44 insertions(+), 4 deletions(-) + create mode 100644 test/bug-image-compositor.c + create mode 100644 test/reference/bug-image-compositor.ref.png + +diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c +index 79ad69f68..4f8aaed99 100644 +--- a/src/cairo-image-compositor.c ++++ b/src/cairo-image-compositor.c +@@ -2601,14 +2601,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, + unsigned num_spans) + { + cairo_image_span_renderer_t *r = abstract_renderer; +- uint8_t *m; ++ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask); + int x0; + + if (num_spans == 0) + return CAIRO_STATUS_SUCCESS; + + x0 = spans[0].x; +- m = r->_buf; ++ m = base; + do { + int len = spans[1].x - spans[0].x; + if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) { +@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, + spans[0].x, y, + spans[1].x - spans[0].x, h); + +- m = r->_buf; ++ m = base; + x0 = spans[1].x; + } else if (spans[0].coverage == 0x0) { + if (spans[0].x != x0) { +@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, + #endif + } + +- m = r->_buf; ++ m = base; + x0 = spans[1].x; + } else { + *m++ = spans[0].coverage; +-- diff --git a/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff b/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff new file mode 100644 index 0000000000..7aaad2eedd --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff @@ -0,0 +1,22 @@ +Cairo: Fix Denial-of-Service Attack due to Logical Problem in Program + +https://bugs.freedesktop.org/show_bug.cgi?id=100763 + +CVE: CVE-2017-7475 +Upstream-Status: Submitted + +Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> + +Index: cairo-1.15.4/src/cairo-ft-font.c +=================================================================== +--- cairo-1.15.4.orig/src/cairo-ft-font.c ++++ cairo-1.15.4/src/cairo-ft-font.c +@@ -1149,7 +1149,7 @@ _get_bitmap_surface (FT_Bitmap *bi + width = bitmap->width; + height = bitmap->rows; + +- if (width == 0 || height == 0) { ++ if (width == 0 || height == 0 || bitmap->buffer == NULL) { + *surface = (cairo_image_surface_t *) + cairo_image_surface_create_for_data (NULL, format, 0, 0, 0); + return (*surface)->base.status; diff --git a/meta/recipes-graphics/cairo/cairo_1.14.2.bb b/meta/recipes-graphics/cairo/cairo_1.14.2.bb deleted file mode 100644 index 3817dbf286..0000000000 --- a/meta/recipes-graphics/cairo/cairo_1.14.2.bb +++ /dev/null @@ -1,43 +0,0 @@ -require cairo.inc - -LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77" - -SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz" - -SRC_URI[md5sum] = "e1cdfaf1c6c995c4d4c54e07215b0118" -SRC_URI[sha256sum] = "c919d999ddb1bbbecd4bbe65299ca2abd2079c7e13d224577895afa7005ecceb" - -PACKAGES =+ "cairo-gobject cairo-script-interpreter cairo-perf-utils" - -SUMMARY_${PN} = "The Cairo 2D vector graphics library" -DESCRIPTION_${PN} = "Cairo is a multi-platform library providing anti-aliased \ -vector-based rendering for multiple target backends. Paths consist \ -of line segments and cubic splines and can be rendered at any width \ -with various join and cap styles. All colors may be specified with \ -optional translucence (opacity/alpha) and combined using the \ -extended Porter/Duff compositing algebra as found in the X Render \ -Extension." - -SUMMARY_cairo-gobject = "The Cairo library GObject wrapper library" -DESCRIPTION_cairo-gobject = "A GObject wrapper library for the Cairo API." - -SUMMARY_cairo-script-interpreter = "The Cairo library script interpreter" -DESCRIPTION_cairo-script-interpreter = "The Cairo script interpreter implements \ -CairoScript. CairoScript is used by tracing utilities to enable the ability \ -to replay rendering." - -DESCRIPTION_cairo-perf-utils = "The Cairo library performance utilities" - -FILES_${PN} = "${libdir}/libcairo.so.*" -FILES_${PN}-dev += "${libdir}/cairo/*.so" -FILES_${PN}-gobject = "${libdir}/libcairo-gobject.so.*" -FILES_${PN}-script-interpreter = "${libdir}/libcairo-script-interpreter.so.*" -FILES_${PN}-perf-utils = "${bindir}/cairo-trace ${libdir}/cairo/*.la ${libdir}/cairo/libcairo-trace.so.*" - -do_install_append () { - rm -rf ${D}${bindir}/cairo-sphinx - rm -rf ${D}${libdir}/cairo/cairo-fdr* - rm -rf ${D}${libdir}/cairo/cairo-sphinx* - rm -rf ${D}${libdir}/cairo/.debug/cairo-fdr* - rm -rf ${D}${libdir}/cairo/.debug/cairo-sphinx* -} diff --git a/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/meta/recipes-graphics/cairo/cairo_1.16.0.bb new file mode 100644 index 0000000000..d76d935c30 --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo_1.16.0.bb @@ -0,0 +1,99 @@ +SUMMARY = "The Cairo 2D vector graphics library" +DESCRIPTION = "Cairo is a multi-platform library providing anti-aliased \ +vector-based rendering for multiple target backends. Paths consist \ +of line segments and cubic splines and can be rendered at any width \ +with various join and cap styles. All colors may be specified with \ +optional translucence (opacity/alpha) and combined using the \ +extended Porter/Duff compositing algebra as found in the X Render \ +Extension." +HOMEPAGE = "http://cairographics.org" +BUGTRACKER = "http://bugs.freedesktop.org" +SECTION = "libs" + +LICENSE = "(MPL-1.1 | LGPLv2.1) & GPLv3+" +LICENSE:${PN} = "MPL-1.1 | LGPLv2.1" +LICENSE:${PN}-dev = "MPL-1.1 | LGPLv2.1" +LICENSE:${PN}-doc = "MPL-1.1 | LGPLv2.1" +LICENSE:${PN}-gobject = "MPL-1.1 | LGPLv2.1" +LICENSE:${PN}-script-interpreter = "MPL-1.1 | LGPLv2.1" +LICENSE:${PN}-perf-utils = "GPLv3+" + +LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77" + +DEPENDS = "fontconfig glib-2.0 libpng pixman zlib" + +SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \ + file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \ + file://CVE-2018-19876.patch \ + file://CVE-2019-6461.patch \ + file://CVE-2019-6462.patch \ + file://CVE-2020-35492.patch \ + " + +SRC_URI[md5sum] = "f19e0353828269c22bd72e271243a552" +SRC_URI[sha256sum] = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331" + +inherit autotools pkgconfig upstream-version-is-even gtk-doc multilib_script + +MULTILIB_SCRIPTS = "${PN}-perf-utils:${bindir}/cairo-trace" + +X11DEPENDS = "virtual/libx11 libsm libxrender libxext" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'directfb', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'opengl', '', d)} \ + trace" +PACKAGECONFIG:class-native = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}" +PACKAGECONFIG:class-nativesdk = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}" + +PACKAGECONFIG[x11] = "--with-x=yes -enable-xlib,--with-x=no --disable-xlib,${X11DEPENDS}" +PACKAGECONFIG[xcb] = "--enable-xcb,--disable-xcb,libxcb" +PACKAGECONFIG[directfb] = "--enable-directfb=yes,,directfb" +PACKAGECONFIG[valgrind] = "--enable-valgrind=yes,--disable-valgrind,valgrind" +PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl" +PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2" +PACKAGECONFIG[opengl] = "--enable-gl,--disable-gl,virtual/libgl" +PACKAGECONFIG[trace] = "--enable-trace,--disable-trace" + +EXTRA_OECONF += " \ + ${@bb.utils.contains('TARGET_FPU', 'soft', '--disable-some-floating-point', '', d)} \ + --enable-tee \ +" + +# We don't depend on binutils so we need to disable this +export ac_cv_lib_bfd_bfd_openr="no" +# Ensure we don't depend on LZO +export ac_cv_lib_lzo2_lzo2a_decompress="no" + +do_install:append () { + rm -rf ${D}${bindir}/cairo-sphinx + rm -rf ${D}${libdir}/cairo/cairo-fdr* + rm -rf ${D}${libdir}/cairo/cairo-sphinx* + rm -rf ${D}${libdir}/cairo/.debug/cairo-fdr* + rm -rf ${D}${libdir}/cairo/.debug/cairo-sphinx* + [ ! -d ${D}${bindir} ] || + rmdir -p --ignore-fail-on-non-empty ${D}${bindir} + [ ! -d ${D}${libdir}/cairo ] || + rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/cairo +} + +PACKAGES =+ "cairo-gobject cairo-script-interpreter cairo-perf-utils" + +SUMMARY:cairo-gobject = "The Cairo library GObject wrapper library" +DESCRIPTION:cairo-gobject = "A GObject wrapper library for the Cairo API." + +SUMMARY:cairo-script-interpreter = "The Cairo library script interpreter" +DESCRIPTION:cairo-script-interpreter = "The Cairo script interpreter implements \ +CairoScript. CairoScript is used by tracing utilities to enable the ability \ +to replay rendering." + +DESCRIPTION:cairo-perf-utils = "The Cairo library performance utilities" + +FILES:${PN} = "${libdir}/libcairo.so.*" +FILES:${PN}-gobject = "${libdir}/libcairo-gobject.so.*" +FILES:${PN}-script-interpreter = "${libdir}/libcairo-script-interpreter.so.*" +FILES:${PN}-perf-utils = "${bindir}/cairo-trace* ${libdir}/cairo/*.la ${libdir}/cairo/libcairo-trace.so" + +BBCLASSEXTEND = "native nativesdk" + +UPSTREAM_CHECK_REGEX = "cairo-(?P<pver>\d+(\.\d+)+).tar.xz" |